The invention relates to mobile computing in a computer environment. More
particularly, the invention relates to storing, managing, and retrieving a mobile 
computer user's smart card security information. 



DESCRIPTION OF THE PRIOR ART 

The current computing environment requires users, in general, to physically carry
either a laptop or a notebook portable computer in order to maintain a fully
functional, truly personalized, computing environment when moving from place to
place. Because laptop and notebook computers, though physically small, are
comparatively bulky and heavy, mobile computer users continuously seek ever
smaller and lighter devices that will provide and maintain their personalized
computing environment.

An example of such a smaller and lighter device that has recently enjoyed
significant commercial popularity is the personal digital assistant ("PDA").
However, even though PDAs are smaller and lighter than laptop or notebook
computers and provide a personalized computing environment, they do not
presently offer the full functionality of desktop, laptop or notebook portable
computers. For example, when a PDA is removed from an environment in which a
computer user has a fully functional computing environment, the PDA must first
be loaded with an up-to-date image of data for pertinent portions of that
environment, e.g., an address book, calendar, email, etc. Similarly, when a PDA
returns to the fully functional computing environment, data in the PDA that has
changed since leaving the fully functional computing environment must be
transferred and/or synchronized from the PDA back into the user's regular
computer and vice versa.

Desktop computers capable of accessing the Internet are ubiquitous in
industrialized countries worldwide. A computer user, while traveling, can usually
obtain access to such a computer and use that computer's Internet access to
communicate worldwide. With sufficient data and appropriately configured, such
computers could, in principle, provide mobile computer users with a fully
functional personal computing environment. However, establishing a mobile
computer user's fully functional computing environment at a remote or transitory
location, e.g., in an airport kiosk or overnight lodging, requires error-free
entry of a prodigious amount of highly detailed information to configure the
local computer.

The amount of information required to configure a local computer so it provides
the mobile computer user's fully functional, personal computing environment is
disproportionately large in comparison with the benefit obtained. Consequently,
there presently does not exist any convenient hardware and software that
permits mobile computer users to move from computer to computer anywhere
in the world, carrying with them their personalized, fully functional computing
environment.

Presently, smart cards are used primarily for facilitating financial transactions.
However, because smart cards include at least a limited amount of non-volatile
readable and writeable memory and may also include a programmable
processor, they inherently possess a capability for use in applications other than
financial transactions. Storing data into a smart card, accessing that data, and
activating a smart card's processor to execute a computer program all require that
the smart card be interconnected with some type of reader/terminal. This
characteristic of smart cards limits the potential for broadening their use for mobile
computing applications because, in general, there does not presently exist an
infrastructure that supports the use of smart cards for applications other than
financial transactions.

It would be advantageous to provide a smart card security information
configuration and recovery system that provides a user with exclusive access to
his computer and secure logins into networks and Web sites using a smart card.
It would further be advantageous to provide a smart card security information
configuration and recovery system that allows the user to easily replace a lost
smart card.

SUMMARY OF THE INVENTION 

The invention provides a smart card security information configuration and
recovery system. The system provides a user with exclusive access to his
computer and secure logins into networks and Web sites via a smart card. In
addition, the invention provides a secure method for reproducing the security
information on a lost smart card.

A preferred embodiment of the invention provides a secure Web site and
server that allows smart card users to easily create and obtain smart cards and
passwords. A password and user question are created for the user. The
password is used for access to the server if the smart card is lost and the user
question is used to confirm the user's identity when challenged while accessing
the server without a smart card.

The client program accesses the smart card inserted into the client computer and
retrieves the smart card's ID and other user and system specific information. The
data are sent to the server across the Internet or network and an access key is
created.

The access key and the smart card ID are stored in the client computer's CMOS
or non-volatile memory for boot-up access. The client computer will boot only if
the proper smart card is installed or the proper access key is entered when the
smart card is unavailable. An emergency diskette is optionally created and the
user's computer can boot using the diskette as a replacement for the smart card.

If the user loses his smart card (and emergency diskette), then he must gain
access to his computer through the access key route. The user logs onto the
server through another computer. The server issues an access key to the user
after the user logs in. Access to the client computer is gained using the access
key.

When the user wants to get a new smart card issued, he logs onto the server.
The new smart card's ID is retrieved from the smart card. The smart card's ID is
sent to the server to replace the previous smart card's ID and the server
generates a new access key and stores it. The new access key and the smart
card's ID are stored in the client computer's CMOS or non-volatile memory for
boot access.
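
The boot check, lost-card recovery and card replacement described above, modeled as an added example that is not code from the patent. The class and function names, the sample card IDs, the CSPRNG-generated access key and the salted PBKDF2 password hash are assumptions; the user-question challenge and the emergency diskette are left out.

```python
import hashlib
import hmac
import secrets


def same(a, b):
    """Constant-time comparison for card IDs, access keys and hashes."""
    return hmac.compare_digest(a.encode(), b.encode())


def hash_password(password, salt):
    # Assumption: the server keeps only a salted hash of the recovery password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000).hex()


class RecoveryServer:
    """Server side: one record per user with card ID and access key."""

    def __init__(self):
        self.records = {}

    def register(self, user, password, card_id):
        salt = secrets.token_bytes(16)
        access_key = secrets.token_hex(16)  # assumption: CSPRNG output
        self.records[user] = {
            "salt": salt,
            "pw": hash_password(password, salt),
            "card_id": card_id,
            "access_key": access_key,
        }
        return access_key

    def login(self, user, password):
        rec = self.records.get(user)
        if rec is None or not same(rec["pw"], hash_password(password, rec["salt"])):
            return None
        return rec

    def issue_access_key(self, user, password):
        """Lost card: hand the stored access key to a logged-in user."""
        rec = self.login(user, password)
        return rec["access_key"] if rec else None

    def replace_card(self, user, password, new_card_id):
        """New card: swap the card ID and rotate the access key."""
        rec = self.login(user, password)
        if rec is None:
            return None
        rec["card_id"] = new_card_id
        rec["access_key"] = secrets.token_hex(16)
        return rec["access_key"]


class BootRecord:
    """Card ID and access key held in the client's CMOS / non-volatile memory."""

    def __init__(self, card_id, access_key):
        self.rebind(card_id, access_key)

    def rebind(self, card_id, access_key):
        self.card_id = card_id
        self.access_key = access_key

    def boot_allowed(self, card_id=None, access_key=None):
        # Boot only with the matching card or, without a card, the matching key.
        if card_id is not None and same(card_id, self.card_id):
            return True
        if access_key is not None and same(access_key, self.access_key):
            return True
        return False


def demo():
    """Walk through registration, recovery and replacement (constructed data)."""
    server = RecoveryServer()
    key1 = server.register("alice", "correct horse", "CARD-0001")
    pc = BootRecord("CARD-0001", key1)
    results = {
        "own_card": pc.boot_allowed(card_id="CARD-0001"),
        "other_card": pc.boot_allowed(card_id="CARD-9999"),
        "bad_login": server.issue_access_key("alice", "guess"),
    }
    recovered = server.issue_access_key("alice", "correct horse")
    results["recovered_key"] = pc.boot_allowed(access_key=recovered)
    key2 = server.replace_card("alice", "correct horse", "CARD-0002")
    pc.rebind("CARD-0002", key2)
    results["old_card"] = pc.boot_allowed(card_id="CARD-0001")
    results["old_key"] = pc.boot_allowed(access_key=key1)
    results["new_card"] = pc.boot_allowed(card_id="CARD-0002")
    return results
```

Rotating the access key on replacement is what makes both the lost card and any previously issued key stop working at boot.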

The invention can also morph the user's personal computing environment,
encryption and other rights that were stored in the previous smart card into the
new smart card.

Other aspects and advantages of the invention will become apparent from the
following detailed description in combination with the accompanying drawings,
illustrating, by way of example, the principles of the invention.



BRIEF DESCRIPTION OF THE DRAWINGS 

Fig. 1 is a flowchart showing the execution flow of the client to server exchange
when the user specifies the indices required for his personal computing
environment according to the invention;

Fig. 2 is a flowchart showing the execution flow of the client to server exchange
when the user specifies the indices required for his personal computing
environment according to the invention;

Fig. 3 is a flowchart showing the schema for managing a user's personal
computing environment data between a server database and a smart card
according to the invention;

Fig. 4 is a block schematic diagram showing the user's indices accessible on a
client and a server according to the invention;

Fig. 5 is a block schematic diagram showing the exchange of the user's indices
between a client and a server according to the invention;

Fig. 6 is a block schematic diagram showing the exchange of data between the
user's smart card, a client, a server, and a redundant server when a user index is
deleted according to the invention;

Fig. 7 is a block schematic diagram depicting a scenario when the server
responsible for a particular user is switched when the user relocates according to
the invention;

Fig. 8 is a block schematic diagram of a task-oriented viewpoint of a preferred
embodiment of the invention illustrating the client and server tasks for a
server-based data management system according to the invention;

Fig. 9 is a block schematic diagram of a task-oriented viewpoint of a preferred
embodiment of the invention illustrating the client and server tasks for a
client-based data management system according to the invention;

Fig. 10 is a diagram depicting a smart card capable laptop computer according to
the invention;

Fig. 11 is a block schematic diagram of a client computer communicating across
the Internet to the Secure Web server according to the invention;

Fig. 12 is a flowchart showing the schema for creating a new smart card for a client
computer according to the invention;

Fig. 13 is a flowchart showing the schema for obtaining an access key for
accessing a client computer according to the invention;

Fig. 14 is a flowchart showing the steps that a client computer follows for booting
up without a smart card according to the invention;

Fig. 15 is a flowchart showing the schema for replacing a smart card according to
the invention;

Fig. 16 is a flowchart showing the schema for replacing an old access key with a
new access key according to the invention; and

Fig. 17 is a flowchart showing the schema for morphing the data from an old smart
card onto a new smart card according to the invention.

DETAILED DESCRIPTION OF THE INVENTION



The invention is embodied in a smart card security information configuration and
recovery system in a computer environment. A system according to the
invention provides a user with exclusive access to his computer and secure
logins into networks and Web sites via a smart card. In addition, the invention
provides a secure method for reproducing the security information on a lost smart
card.

The invention provides a mobile computer user with a system that is extremely
compact, and yet permits the user to carry with him sufficient machine readable
data to easily establish his fully functional mobile personal computing
environment anywhere in the world.

A preferred embodiment of the invention stores, in a smart card, sufficient
information to permit characterizing a mobile computer user's personalized, fully
functional computing environment. The information that the mobile personal
computing environment supplies may differ from system to system. However,
the amount of information stored in the smart card is sufficient to create a
consistent computing environment for the user. Information such as operating
system preferences, favorite Web sites, email addresses, credit card information,
ISP information, program preferences, program environments, etc. are stored in
the smart card.

Referring to Fig. 1, the user activates the invention's client computer program
through an auto launch at boot-up 101 or through a manual launch 102 when he
begins to use a client computer. A smart card reader/terminal is connected to, or
resident in, the user's computer, reading the user's smart card. The client
computer program retrieves indices from the smart card 103. The user specifies
to the invention the data needed to establish at least a portion of his mobile
personal environment through the invention's user interface 104.

The invention checks the smart card to determine if the specified data is present in
the smart card's local memory 105. If the specified data is in the smart card's
memory, then the invention retrieves the data from the smart card for subsequent
use by the invention 106. If the specified data is not in the smart card's memory,
then the invention accesses, via the Internet or other method, a secure server that
stores additional data which more fully characterizes the mobile computer user's
personalized, fully functional computing environment 108. The invention then
retrieves the specified data from the server for subsequent use by the invention
109 and updates the smart card data 110. If the data is not on the server 108,
then it is new data from the user which must be recorded and used to access the
Internet 111.

With respect to Fig. 2, having retrieved the required data either from the smart
card, the server, or directly from the user, the client computer program uses the
data to construct a Uniform Resource Locator (URL) 201 and, if possible, gather
the username, password, and Internet site bookmark data needed to
immediately and directly access an Internet site that constitutes at least some part
of the mobile computer user's mobile personal environment 202.

Using the data constructed in this way, the invention then builds a URL command
and sends it to the Internet 203. The URL, username, password and Internet site
bookmark data, if complete, permit the mobile computer user to log onto the
specified Internet site 204 and proceed immediately to a specified page at that
Internet site 205. If some information is incorrect or incomplete, interacting with the
Internet site accessed by the URL, the mobile computer user can either enter, as
required, the username, password, and Internet page data to access a desired
Internet page 207, 208, or may supply that information through a graphical user
interface (GUI) that provides a drag and drop capability 210, 211.

Referring to Fig. 3, to initialize or update indices stored on the smart card, the user
activates the invention's client computer program 301, 302, instructing the
program to access, via the Internet or other method, the server that stores
additional information which characterizes a mobile computer user's personalized,
fully functional computing environment 303. The server permits the user to
change data characterizing his personalized mobile personal environment 304,
for example, adding a new Internet site to his environment. After the user
specifies changes to be made in his mobile personal environment, the server
links to the specified Internet site and determines updated indices for storage on
the smart card 305.

After linking to the specified Internet site and updating the computing environment
information stored at the server 306, the invention attempts to update the indices
stored on the user's smart card connected to his computer 307. If the smart card
memory is full 309, then one record is deleted from those stored in the smart card
until the smart card has sufficient free memory to store the updated indices 311;
the updated index is then written into the smart card's memory 310. Otherwise, if
the smart card memory is not full 309, then the updated indices are immediately
stored on the smart card 310. In addition to saving the updated indices on the
smart card, the server also saves the updated index in its database which
characterizes this mobile computer user's mobile personal environment 308.

If the amount of unused storage in the server's database is sufficient to store the
updated indices 312, then the information is stored in the database 313.
Otherwise, the server first offers the user an opportunity to allocate more server
storage for his indices 314. If the user declines the offer of additional storage,
then the server deletes one record from the database until the server has
sufficient free memory to store the updated indices 316. The server then adds
the updated index to the indices stored in the database 315. If the user accepts
the offer of additional storage 314, then the new index is added to the server's
database 315. The mobile computer user is able to initially specify and, as
required, update data that characterizes his mobile personal environment.

The user is allowed to create sets of indices when storing a larger amount of
information on the server than is available on the user's smart card. The user can
then choose between different sets of information to be downloaded to his smart
card. For example, the user can set his smart card to his personalized mobile
computer environment for his U.S. office, foreign office, or even his home. This
allows the user to characterize each separate and distinct computer system that
he uses.

One skilled in the art will readily appreciate that although the mobile computer
user's personalized computer environment is specifically mentioned above, any
other type of information, such as personal data, financial data, operating system,
computer personality, video and/or audio data, etc., are easily substituted in its
place.

With respect to Fig. 4, the invention provides an infrastructure that permits using
smart cards for applications other than financial transactions. The smart card 404 is
interconnected with a smart card reader/terminal that can communicate via the
Internet, extranet, or intranet 402. Using this device 401, a computer user
specifies characteristics for some computing function. Presuming that the
reader/terminal is connected to the user's personal computer, an index for the
specified computing function is stored into that computer's memory 403. Also,
the index is stored both into the smart card 404 and into a server accessible via
the Internet, extranet, or intranet 402, 405, 406.

Referring to Fig. 5, in general, the smart card stores only a fraction of a computer
user's total indices since smart cards possess only a limited amount of memory.
When those indices completely fill the available smart card memory 504, addition
of another index causes the least recently used index to be deleted from the
smart card's memory 504. However, because the server may, in principle, store
more indices 505 than the smart card 504, the index discarded from the smart
card 504 can remain stored and accessible at the server 502, 506. In this way,
the smart card 504 carries indices that characterize at least some fraction of
computing functions specified by individual computer users 503, 505, thereby
making those functions accessible to the computer user worldwide 506 at any
suitably programmed smart card reader/terminal.

With respect to Fig. 6, in accessing a pre-specified computer function, the smart
card 604 is placed in a suitably programmed reader/terminal 601 from which the
index stored in the smart card 604 is transferred to that reader/terminal or host
computer device's memory 603. If the requested index is not present in the
smart card's memory 604, the device 601 then accesses the server 602 via the
Internet, extranet, or intranet 607 to retrieve the index that is stored there 606.
Because retrieving a particular index from the server 602 makes it the most
recently used index, the device 601 transfers the index both to the device's
memory 603 and replaces the least recently used index 605 in the smart card's
memory 604 with the most recently used index. If a new index is added to the
server database 606 when the database 606 is full, the system either discards
the least recently used index 608 or, if possible, gives the user the option to
allocate more server storage for his records, as described above.
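
The least-recently-used handling of indices between smart card and server described for Figs. 5 and 6, modeled as an added example that is not code from the patent. The class names, capacities and sample index values are assumptions made for illustration.

```python
from collections import OrderedDict

_MISSING = object()  # sentinel so that any value, even None, can be stored


class IndexStore:
    """Fixed-capacity index store that evicts the least recently used entry."""

    def __init__(self, capacity):
        self.capacity = capacity
        self.items = OrderedDict()  # least recently used entry first

    def get(self, name):
        """Return the index value or _MISSING; a hit becomes most recent."""
        if name not in self.items:
            return _MISSING
        self.items.move_to_end(name)
        return self.items[name]

    def put(self, name, value, grow=False):
        """Store an index and return the names evicted to make room.

        grow=True models the user accepting the server's offer of more
        storage: capacity is raised instead of discarding a record.
        """
        self.items[name] = value
        self.items.move_to_end(name)
        evicted = []
        while len(self.items) > self.capacity:
            if grow:
                self.capacity += 1
                continue
            oldest, _ = self.items.popitem(last=False)
            evicted.append(oldest)
        return evicted


class Terminal:
    """Reader/terminal: tries the card first, then falls back to the server."""

    def __init__(self, card, server):
        self.card = card
        self.server = server
        self.memory = {}  # the host device's own memory

    def add(self, name, value, grow_server=False):
        """New index goes to device memory, the server and the card."""
        self.memory[name] = value
        dropped_from_server = self.server.put(name, value, grow=grow_server)
        dropped_from_card = self.card.put(name, value)
        return dropped_from_card, dropped_from_server

    def access(self, name):
        """Return (value, source) where source is card, server or missing."""
        value = self.card.get(name)
        source = "card"
        if value is _MISSING:
            value = self.server.get(name)
            if value is _MISSING:
                return None, "missing"
            source = "server"
            # The fetched index is now the most recently used one, so it
            # replaces the least recently used index on the card.
            self.card.put(name, value)
        self.memory[name] = value
        return value, source


def demo():
    """Constructed walk-through: card holds 2 indices, server holds 3."""
    card = IndexStore(capacity=2)
    server = IndexStore(capacity=3)
    term = Terminal(card, server)
    trace = []
    for name in ("mail", "bank", "isp"):
        trace.append(term.add(name, "https://%s.example/" % name))
    trace.append(term.access("mail")[1])   # evicted from card, still on server
    trace.append(term.access("mail")[1])   # now back on the card
    trace.append(list(card.items))
    trace.append(term.add("vpn", "https://vpn.example/"))  # server is full
    trace.append(term.access("bank")[1])   # discarded from card and server
    return trace
```

The last step of `demo()` shows the case the text implies: once a full server discards its least recently used index and the card has already dropped it, that index is no longer recoverable from either place.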

Another preferred embodiment of the invention adds a backup server 609 that
contains a consistent copy of the entire user database 606 served by the main
server 602. If the main server 602 fails, the backup server 609 takes over. The
backup server's database 610 and external interface 611 are identical to the main
server's 602 components.

Additionally, a plurality of servers can be used along with load balancing, to
handle large amounts of client requests. The client can perform its own load
balancing among the servers by using, for example, the response time (RTT)
from each server to determine the best choice. If the main server serving the
user fails or is otherwise inaccessible, then the client will automatically switch to
another server.



Referring to Fig. 7, to efficiently utilize server resources distributed at various
locations throughout the world, the invention records places in the world from
which a user accesses his mobile personal environment. Recording such data
permits the server to reasonably determine that a user has moved from one
place to another, e.g., from the United States to Japan. For example, if a user
who had previously accessed his mobile personal environment 704 mostly from
the United States 701, 702, 703 suddenly began accessing that environment
704, 709 entirely from Japan 706, 707, 708 for an extended interval of time,
e.g., one or two months, then the server 704 can reasonably determine that the
user has moved from the United States to Japan. If the server 704 determines
that the user has relocated his residence and if there exists another server 709
that is located physically closer to the user's new residence, then the systems
operating on both servers 704, 709 effect a transfer of the user's mobile
personal environment indices 705 from the more remote server 704 to the
nearer server 709.

The invention allows mobile computer users to carry, on a single smart card, all
the information required to characterize their mobile personal environment and to
quickly establish their mobile personal environment anywhere in the world.

With respect to Fig. 8, a high-level task viewpoint of a preferred embodiment of
the invention is shown. The user plugs his Smart Card 805 into the smart card
reader that is connected to, or resident in, the client computer. The Configure
Client System module 806 reads the Smart Card 805 through the Read/Write
Smart Card module 803. The Configure Client System module 806 either
automatically configures the client computer to the user's personal computing
environment or queries the user through the User Interface 802 for the information
needed from the Smart Card 805 to configure the user's personal computing
environment (as described above), depending on the user's preference
settings.

The user can also manage the indices stored on his Smart Card 805 and the
Server Database 811. The Server Interface module 801 communicates with the
secure server containing the user's information. The communication is through the
secure Web site provided by the Manage User Information module 807 on the
server. The Manage User Information module 807 displays the user's indices
stored on the Server Database 811. The user requests his indices through the
secure Web site. His indices are retrieved from the Server Database 811 by
the Lookup User Information module 810. The Lookup User Information module
810 relays the index information to the Manage User Information module 807.
The indices resident on the user's Smart Card 805 are sent to the Manage User
Information module 807 through the Server Interface 801. The smart card indices
are compared with the user's indices from the Server Database 811 by the
Compare User Information module 808, which correlates and compares any
differences between the two sources. The Manage User Information module
807 displays the information to the user through a secure Web page.

The user can create (for new users), add, delete, and update his indices through
the User Interface module 802 connection to the secure Web page. The Server
Database 811 indices are updated through the Update User Record module
809. Smart Card indices are updated by the Manage User Information module
807 through the Server Interface 801. The Server Interface 801 sends the
update information to the Update Smart Card module 804. The Update Smart
Card module 804 writes the information to the Smart Card 805 through the
Read/Write Smart Card Module 803.

In the case of multiple servers, the Server Database 811 is redundantly stored
among other servers. The Server Database 811 is updated with information
from other servers by the Manage Server Database module 812. Any new
updates to the Server Database 811 that are initiated locally are sent out to other
servers by the Manage Server Database module 812.

Additionally, any transfers of user index records from one server to a more local
server (in case of the user relocating to another location) are performed by the
Manage Server Database module 812.

Referring to Fig. 9, another preferred embodiment of the invention is shown that
performs the same basic functions as those described in Fig. 8, except that the
client has a server connection that is most likely temporary in nature, e.g., a dialup
modem connection. The difference in operation between Figs. 8 and 9 is when
the user manages his indices on his smart card and server database. The client
connects to the Client Interface module 908 on the server through the Manage
User Information module 901, resident on the client. The Client Interface 908
collects the user's indices for the Manage User Information module 901. The
user's records are retrieved from the Server Database 911 by the Lookup User
Information module 910.

Once the user's indices are received by the Manage User Information module
901, the client can disconnect from the server and the user manages his indices
offline with the client. The Compare User Information module 907 operates in
the same manner as described above. The information obtained from the
Server Database 911 and the Smart Card 905 are displayed to the user through
the User Interface 902. After the user has updated his indices and any changes
to the user's records on the Server Database 911 are required, the client
reconnects with the server's Client Interface 908. The Server Database 911 is
updated with any changes by the Update User Record module 909.

Yet another preferred embodiment of the invention encrypts the entire Server
Database 911. Each user record is individually encrypted such that if one user
record is accessed and decrypted by a hacker, the other user records will not be
compromised in any way. The actual encryption of a user record is performed
by the client. The Manage User Information module 901 retrieves the user's
encrypted record from the server. If this fails, then the user must create a new
record to access. The server looks up, using the Smart Card's 905 ID, and
retrieves the user's record through the Lookup User Information module 910.
The server does not know what the contents of the record are, only that the
record belongs to the user (much like a safety deposit box). The record is sent
back to the client via the Client Interface module 908.

The Manage User Information module 901 decrypts the user record using the
Smart Card 905 encryption key information stored in the Smart Card 905. Each
smart card is unique and the encryption key only exists on a particular smart card
and not on the server. Once the user has completed any changes to the indices
in the record, the Manage User Information module 901 encrypts the user record
using the encryption key on the Smart Card 905 and sends the record back to
the server. The Client Interface module 908 sends the encrypted record to the
Update User Record module 909 which replaces the user record in the Server
Database 911 with the new encrypted user record.

This approach ensures that there is a one-to-one mapping of user records to
smart cards; each user record in the Server Database 911 can only be decrypted
by a specific smart card. It also ensures that the Server Database 911 is secure
and cannot be easily compromised. The intruder would have to physically have
every existing smart card to crack the entire database.



If a user loses his smart card, then there is a procedure where the smart card can
be morphed, or recreated. The user inserts a new Smart Card 905 into the client
system. The system through the User Interface module 902 has the user enter in
his personal information in the same manner as when he first created his original
smart card. The new Smart Card 905 is then initialized and the encryption key is
recreated. The new smart card's ID is sent to the Client Interface module 908
from the User Interface module 902 via the Manage User Information module
901. The Update User Record module 909 removes the original smart card's ID
from the user's record on the Server Database 911 and replaces it with the new
smart card's ID. Once that is completed, the User Interface module 902 then
places the encryption key in the new Smart Card 905 via the Read/Write Smart
Card module 903. The user's smart card has now been recreated and the
original smart card disabled.

The server has the ability to simultaneously perform the server functions
described in Figs. 8 and 9. This allows the server to handle both secure Web
access and clients that have temporary server connections.

One skilled in the art will readily appreciate that although the client and server 
functionality are described separately above, both the client and server can 
reside on the same physical machine. 

The smart card can also be used to provide exclusive access to a specific
computer. For example, when a user travels, he normally carries his laptop
computer as well as his smart card. The smart card allows the user to go to any
computer and use his mobile personal computing environment as described
above. It further allows the user to exclusively access his personal laptop
computer. The laptop computer is matched to the user's smart card and will not
allow any other users to access the laptop without that specific smart card.

With respect to Fig. 10, the computer 1001 has a smart card reader either
onboard or attached. The computer 1001 is configured to boot after confirming
that the proper smart card 1002 is inserted or, in the absence of the smart card,
that the proper password is entered. The user typically has the smart card 1002
already inserted into the computer 1001.

When the smart card 1002 is inserted into the computer 1001, the computer
1001 boots up into its normal operating system. The user uses the computer in
his usual fashion. For example, when the user is in his network browser, the
invention allows him to enter networks and Web sites that require a login
procedure and, using the user's passwords stored on the smart card 1002,
automatically log in to the site. The computer 1001 accesses the passwords
stored on the smart card 1002 and finds the name of the network or address of
the Web site and the corresponding username and password for the network or
site. The username and password are entered into the network or Web site's
login query by the computer 1001, thereby logging the user onto the network or
Web site.

However, when the user loses his smart card, his computer is inaccessible.
Typically, the user must call the smart card service provider or go to the
provider's service center to obtain a replacement smart card. The invention
provides a solution to this problem and allows the user to not only access his
computer, but to morph the mobile personal environment data that was present
on his lost smart card onto his new smart card.

Referring to Figs. 11 and 12, a secure Web site and server 1103 are provided
that allows smart card users to easily create and obtain smart cards and
passwords. On first startup using the invention, the user's computer 1101 starts
the invention's client computer program. The client computer program begins
registration of the new smart card 1201. A password and user question are
created 1202. The password is used for access to the server if the smart card is
lost and the user question is used to confirm the user's identity when challenged
while accessing the server 1103 without a smart card.

The user enters his personal information and the other system specific
information, e.g., the computer's serial number, into the client program 1203. The
client program then accesses the smart card inserted into the computer 1101 and
retrieves the smart card's ID 1204. The information is confirmed, the data (e.g.,
user's personal information, computer's serial number, smart card ID, password,
etc.) are sent to the server 1103 across the Internet or network 1102 and an
access key is created 1205. The server creates the access key through pseudo-
random means or other means, possibly based on the smart card's ID.

The access key and the smart card ID are then stored in the user's computer's
1101 CMOS or non-volatile memory for boot-up access and the user's
computer 1101 is configured for smart card secure access 1206. The user's
computer will now boot only if the proper smart card is installed or the proper
access key is entered when the smart card is unavailable. An emergency
diskette is optionally created and the user's computer can boot using the diskette
as a replacement for the smart card.

With respect to Fig. 13, if the user loses his smart card (and emergency diskette),
then he must gain access to his computer through the access key route. The user
accesses the server 1103 through another computer 1301. Access to the server
1103 is gained through a utility program 1302. The server 1103 asks the user to
log in (possibly using user and/or system specific information) 1304 which is
checked by the server 1103. If the login is incorrect, the server will ask for it again
1303. Otherwise, the server issues the access key 1305 that the user will use to
gain access to his computer.

Referring to Fig. 14, the user's computer starts up 1401 and since there is no
smart card inserted, it checks its boot program to see if it is in secure mode 1402.
If it is not, then it simply starts the operating system 1408. If it is in secure mode,
then the computer asks the user to enter his access key 1403 that he obtained
from the server 1103. The access key is checked against the stored access key
for validity 1404. If it is not valid, then the system locks 1405. If the access key
is valid, then the system bypasses the lockout 1406, encourages the user to get
a new smart card 1407, and starts the operating system 1408.

If the proper smart card is installed and readable, the computer simply checks the
smart card's ID with the stored ID and boots if it is valid. Otherwise, it defaults to
the procedure above.
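
The boot-time check of Fig. 14, together with the card-ID check just described,
can be modeled as a single decision function. The following Python is an added
example, not code from the patent; the names NvStore, BootResult and
boot_decision, the sample byte strings, and the use of a constant-time
comparison are assumptions made for illustration.

```python
import hmac
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class BootResult(Enum):
    BOOT = "start operating system"                              # step 1408
    BOOT_VIA_KEY = "bypass lockout, advise new card, start OS"   # steps 1406-1408
    LOCKED = "system locks"                                      # step 1405


@dataclass(frozen=True)
class NvStore:
    """Values the description keeps in CMOS or non-volatile memory."""
    secure_mode: bool
    card_id: bytes
    access_key: bytes


def boot_decision(nv: NvStore, card_id: Optional[bytes],
                  entered_key: Optional[bytes]) -> BootResult:
    """card_id is None when no card is inserted or the card is unreadable."""
    if not nv.secure_mode:                                       # step 1402
        return BootResult.BOOT
    # Proper card installed and readable: compare its ID with the stored ID.
    if card_id is not None and hmac.compare_digest(card_id, nv.card_id):
        return BootResult.BOOT
    # Otherwise fall back to the access key route (steps 1403-1404).
    # compare_digest avoids leaking the match position through timing.
    if entered_key is not None and hmac.compare_digest(entered_key, nv.access_key):
        return BootResult.BOOT_VIA_KEY
    return BootResult.LOCKED


if __name__ == "__main__":
    # Constructed sample values, not taken from the description.
    nv = NvStore(True, b"CARD-0001", b"constructed-access-key")
    cases = [(b"CARD-0001", None), (None, b"constructed-access-key"),
             (b"CARD-9999", None), (None, b"guess")]
    for card, key in cases:
        print(card, key, "->", boot_decision(nv, card, key).name)
```

A wrong card with no key entered ends in LOCKED, while a wrong card plus the
correct access key still boots, which is the "defaults to the procedure above"
behavior.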

Referring again to Fig. 8, the user plugs his Smart Card 805 into the smart card
reader that is connected to, or resident in, the client computer. The Configure
Client System module 806 reads the Smart Card 805 through the Read/Write
Smart Card module 803. The User Interface 802 communicates with the user on
creation of passwords, challenge questions, entry of user information, and
computer information. The Server Interface 801 sends user data, Smart Card ID,
and computer information to the Manage User Information module 807.

The Lookup User Information 810 finds the user record containing the computer
serial number, access key, password, challenge question, etc. The Update User
Record module 809 updates the user record with any new information. The
Update User Record module 809 also creates the access key, updates the user
record with the access key, and sends the access key to the Manage User
Interface module 807 which then sends the access key to the Server Interface
801. The Server Interface 801 forwards the access key to the User Interface 802
and the Configure Client System 806. The Configure Client System 806 installs
the Smart Card ID and access key into the client computer's CMOS or non-
volatile memory.

With respect to Fig. 15, when the user wants to get a new smart card issued, he
runs the smart card utility program 1501 on his computer 1101. The user logs in
(possibly using user and/or system specific information) 1502 which is verified
1502 by the server 1103. If it is incorrect, the user will be queried for it again.

Otherwise, the user's information, obtained from the server 1103, such
as name, email, phone number, computer information, etc., is entered into the
smart card's memory 1504. To keep the smart card as secure as possible, the
user's information cannot be edited by the user until after the card has been
successfully issued. The new smart card's ID is retrieved from the smart card
1505. The smart card's ID is sent 1506 to the server 1103 to replace the
previous smart card's ID and the server 1103 generates a new access key and
stores it 1506. The new access key and the smart card's ID are stored in the
user's computer's CMOS or non-volatile memory for the boot sequence 1507.
Alternatively, the creation of a new access key can be performed at a later time.

Referring to Fig. 16, once the user has a valid smart card, he can change the
access key at any time. The user logs onto the Web server 1103 through his
computer 1101 and has the server 1103 generate a new access key. The user
runs the smart card utility program 1601 to coordinate with the server 1103. The
server 1103 cancels the previous access key 1602, creates a new access key,
and stores it 1603. The new access key is then stored in the user's computer's
CMOS memory for the boot sequence 1604.

If the user wants to morph the data from the previous smart card after the process
in Fig. 15, the invention follows the morphing procedure described above.

With respect to Fig. 17, as noted above, the invention can also morph the user's
previous smart card containing his personal computing environment at the time
that he creates a new smart card. The user runs the smart card utility 1701. The
user enters the server by entering the old access key or other user and system
specific information which is verified by the server 1702. The server can perform
lookups based on the access key, other user and system specific information, or
the computer serial number. If the information is not valid, then the user is asked
to reenter it 1702. If the information is valid, then the old access key is canceled
1704, the smart card ID is retrieved 1705, and sent to the server 1706.

The data and rights that the server knows were stored on the previous smart card
are transferred into the new smart card 1707. The server disables the previous
smart card's registration and makes the new smart card the valid card. The
previous smart card's encryption and other rights are disabled in the server
database and the new smart card is given those rights. As noted above, the
server database is encrypted such that the smart card can decrypt the information
when it reaches the client.

The server also generates a new access key and stores it 1707. The new
access key and smart card ID are stored in the user's computer's CMOS or non-
volatile memory for the boot sequence 1708.
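
The server-side bookkeeping behind Figs. 13, 15 and 17 follows one rule: a user
record holds exactly one valid smart card ID and one valid access key, and
replacing the card invalidates both old values. The Python below is an added
example, not the patent's implementation; KeyServer and its method names, the
password-only login, PBKDF2 password hashing, and key generation from a CSPRNG
rather than from the card ID are assumptions.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional


@dataclass
class UserRecord:
    salt: bytes
    pw_hash: bytes      # only a salted hash of the recovery password is kept
    card_id: str        # the one smart card ID currently valid
    access_key: str     # the one access key currently valid


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


class KeyServer:
    def __init__(self) -> None:
        self.records: dict = {}

    def register(self, user: str, password: str, card_id: str) -> str:
        salt = secrets.token_bytes(16)
        key = secrets.token_hex(16)   # assumption: CSPRNG, not derived from card ID
        self.records[user] = UserRecord(salt, _hash(password, salt), card_id, key)
        return key

    def _login(self, user: str, password: str) -> Optional[UserRecord]:
        rec = self.records.get(user)
        ok = rec and hmac.compare_digest(rec.pw_hash, _hash(password, rec.salt))
        return rec if ok else None

    def recover_key(self, user: str, password: str) -> Optional[str]:
        rec = self._login(user, password)        # Fig. 13: login without a card
        return rec.access_key if rec else None

    def replace_card(self, user: str, password: str, new_id: str) -> Optional[str]:
        rec = self._login(user, password)        # Figs. 15 and 17
        if rec is None:
            return None
        rec.card_id = new_id                     # previous card is no longer valid
        rec.access_key = secrets.token_hex(16)   # previous access key is canceled
        return rec.access_key

    def card_is_valid(self, user: str, card_id: str) -> bool:
        rec = self.records.get(user)
        return rec is not None and hmac.compare_digest(rec.card_id.encode(), card_id.encode())
```

After replace_card succeeds, the client must write the returned key and the new
card ID to its non-volatile store, or the computer will still accept the
canceled key at boot.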

Although the invention is described herein with reference to the preferred
embodiment, one skilled in the art will readily appreciate that other applications
may be substituted for those set forth herein without departing from the spirit and
scope of the present invention. Accordingly, the invention should only be
limited by the Claims included below.